Businesses are challenged with developing highly granular security policies for enterprise networks to allow or deny access to enterprise resources at the level of individual devices or even individual applications. One important goal of network administrators is to restrict unauthorized disclosures of enterprise data without negatively impacting worker productivity. For modern businesses operating in the information age, achieving this goal may require security policies to account for highly complex enterprise networks often having hundreds of applications attempting to access thousands of enterprise data resources. Exacerbating this challenge is the increasingly dynamic nature of modern enterprise networks in which new applications and devices are regularly deployed and, therefore, need to be granted access to enterprise data resources. For example, even a perfectly tailored security policy that defines appropriate permissions for each application and each network location that an enterprise's workers currently use may quickly become obsolete as new applications are installed or developed and/or new network locations are deployed. This is especially true in technology companies with the core business function of developing new applications since in such companies it is impractical for network administrators to have knowledge of and account for such new applications during early stages of development.
It is with respect to these considerations and others that the disclosure made herein is presented.